• News
    • Archive
  • Celebrities
  • Finance
  • Crypto
  • Entertainment
  • Travel
  • Health
  • Others

Messaging Apps: Exposing FBI’s Legal Access To Their Contents

28Shares
28.4KViews

When it comes to messaging apps, people are confident that their communication with anyone shall remain private forever no matter what.

Then came along the Federal Bureau of Investigation (FBI), which, through established U.S. laws, has been granted the power to access so much private information.

It took an effort by a Washington-based nonprofit organization for the public to know about it.

Property of the People upholds that government records are public property as it aims for “governmental transparency.”

It recently uncovered how much information the FBI can get from messaging apps.

COPYRIGHT_WI: Published on https://washingtonindependent.com/w/messaging-apps/ by Daisy-Mae Schmitt on 2021-12-17T05:18:12.921Z

TOP 7 most secure messaging apps ✅ Stop giving your info out

The Unclassified FBI Document

U.S. Department of Justice Federal Bureau of Investigation seal, with the words ‘fidelity, bravery, integrity’
U.S. Department of Justice Federal Bureau of Investigation seal, with the words ‘fidelity, bravery, integrity’

Property of the People received the FBI document through a Freedom of Information Act request, according to online cybersecurity resource The Record.

The said organization published it (the document appears like an infographic) on its website on November 19, 2021. It also tweeted that it shared the document with Rolling Stone’s Washington, D.C., Bureau Chief Andy Kroll.

Titled “Lawful Access” (subheading: “FBI’s Ability to Legally Access Secure Messaging App Content and Metadata”) and dated January 7, 2021, the one-page document bears the protective markings (U//FOUO) and (U//LES). They mean “Unclassified//For Official Use Only” and “Unclassified//Law Enforcement Sensitive,” respectively.

Prepared by the FBI’s Science and Technology Branch and Operational Technology Division, it contains information regarding the bureau’s “lawful access” to certain information managed, kept, and safeguarded by nine mobile/messaging applications.

Moreover, according to the document, the FBI was authorized “to legally access” such information from the listed messaging apps as of November 2020.

Spill The Beans – The Document’s Basic Content

Façade of J. Edgar Hoover FBI Building headquarters in Washington, D.C.
Façade of J. Edgar Hoover FBI Building headquarters in Washington, D.C.

Alphabetically listed in the FBI document, below are the nine mobile apps or messaging apps and the pertinent details that, per existing U.S. laws, the FBI has been authorized to access.

Under “Information Accessed,” the FBI can access the following specific information:

(1) subscriber’s data

(2) message sender receiver data

(3) device backup

(4) IP address

(5) encryption key(s)

(6) date/time information

(7) registration time data

(8) user’s contacts

Note, however, that the companies behind the message apps mentioned in the document don’t give the FBI access to all the above-mentioned information.

Under “Legal Process,” the following are required before the FBI can proceed with a particular action/request:

(1) court order/subpoena

(2) search warrant

(3) preservation letter

The FBI can also operate under “U.S. Code Title 18. Crimes and Criminal Procedure § 2703” or “18 USC §2703(d),” which has the title: “Required disclosure of customer communications or records.”

In addition, the FBI can use a pen register, aka dialed number recorder (DNR), which is “an electronic device that records all numbers called from a particular telephone line,” according to Wikipedia.

Information regarding the country of origin was supplied by the author of this article.

App: iMessage (U.S. company)

Information Accessed: all except for the IP address (refer to the enumerated information above)

Legal Process: access to basic subscriber’s record (subpoena); access to 25 days’ worth of iMessage lookups “and from a target number” [per “18 USC §2703(d)”]; access to device backup and, if applicable, to encryption keys of the iCloud backup of the device (search warrant)

Additional Details: access to message content is allowed but limited only

App: LINE (South Korea)

Information Accessed: 1, 2, 6, 7, 8

Additional Details: access to message content is limited only; seven days’ worth (the maximum) of text chat

App: Signal (U.S.)

Information Accessed: 6 and 7

Additional Details: access to message content not allowed

App: Telegram (Russia)

Information Accessed: 7

Additional Details: access to message content not allowed; in the case of “confirmed terrorist investigations,” Telegram “may disclose IP address and phone number to relevant authorities,” per its own Privacy Statement

App: Threema (Switzerland)

Information Accessed: 1, 5, 6, 7

Additional Details: access to message content not allowed

App: Viber (Japan)

Information Accessed: 1, 4, 5, 6, 7

Additional Details: access to message content not allowed

App: WeChat (China)

Information Accessed: 1, 4, 7

Legal Process: preservations letter; subpoena (note: applies only to accounts created outside China)

Additional Details: access to message content not allowed

App: WhatsApp (U.S.)

Information Accessed: 1, 2, 5, 6, 7

Legal Process: access to basic subscriber’s record (subpoena); information about blocked users (court order); “address book contacts and WhatsApp users who have the target in their address book contacts” (search warrant); each message (source and destination) sent every 15 minutes (pen register)

Additional Details: access to message content is allowed but limited only

App: Wickr (U.S.)

Information Accessed: 1, 6, 7

Additional Details: access to message content not allowed

Data Privacy Messaging Apps

Variety of social media icons appear side by side together
Variety of social media icons appear side by side together

Among the nine messaging apps whose content and metadata can be scrutinized by the FBI, only Telegram gives one specific information (registration time data) from its users.

Next is Signal with only two (date/time information and registration time data).

WeChat and Wickr only give three (subscriber’s data and registration time data), with WeChat permitting access to information concerning IP address and Wickr, date/time information.

Apple’s iMessage and Meta’s (formerly Facebook) WhatsApp are the only two (perhaps because they’re American companies?) from which so much information can be obtained by the FBI, via legal means, of course.

Aside from Threema and Viber, iMessage and WhatsApp can give encryption key(s) to the FBI.

When Rolling Stone sought WhatsApp for comments, a spokeswoman said that they “carefully review, validate, and respond to law-enforcement requests based on applicable law.”

WhatsApp can provide information to the FBI and other law enforcement agencies about the people whom the app user communicated with, the time the communication happened, and other WhatsApp users included in the original user’s address book.

What’s alarming about this, noted Rolling Stone, is that journalists use messaging apps such as WhatsApp for work. From time to time, they cover delicate and complex stories; thus, the need to contact people, who need to remain anonymous for security reasons.

Rolling Stone mentioned the case of Natalie Edwards, who received a 6-month prison sentence in 2020 after authorities got access (legally, of course) to her WhatsApp messages.

Edwards was a senior adviser at the Financial Crimes Enforcement Network (FinCEN) of the U.S. Treasury Department, who supplied sensitive information to a BuzzFeed News reporter.

Most Secure Messaging App 2021

Except for Telegram and WeChat, all of them – iMessage, LINE, Signal, Threema, Viber, WhatsApp – are encrypted messaging apps. Meaning, they use end-to-end encryption (E2EE).

E2EE is a way to secure communication between a sender and a recipient, where no other parties can access such communication.

When it comes to encrypted messaging apps, Heimdal Security, an award-winning cybersecurity provider in Copenhagen, named 15 as being “the most secure” in a July 2021 blog post.

Here’s the list’s Top 5:

(1) Signal

(2) iMessage

(3) WhatsApp

(4) Viber

(5) Threema

Part of the Top 10:

(6) LINE

(7) Telegram

(8) KakaoTalk

(9) Dust

(10) Wickr

Part of the Top 15:

(11) CoverMe

(12) Silence

(13) Pryvate Now

(14) SureSpot

(15) Wire

Below are also the top five picks of three reputable online tech resources.

TechRadar (for Android only):

(1) Signal

(2) WhatsApp

(3) Telegram

(4) Threema

(5) Silence

Tom’s Guide:

(1) Signal

(2) Threema

(3) WhatsApp

(4) Telegram

(5) Silent Phone

ZDNet:

(1) Samsung and Google Messages

(2) Signal

(3) Apple Messages

(4) Whatsapp

(5) Facebook Messenger

Which Texting App Is Most Secure?

Right hand holding a smartphone displaying Signal icon amidst the same background
Right hand holding a smartphone displaying Signal icon amidst the same background

Based from the top choices by Heimdal Security, TechRadar, Tom’s Guide, and ZDNet, Signal is the most secure texting or messaging app.

On its website, software developer AVG said that “security experts and government organizations worldwide” agree, too.

Signal protocol handles the E2EE of Signal. When it comes to mobile encryption, AVG attested that Signal protocol is “the gold standard.”

Aside from password security and PIN access, another security feature of Signal is “disappearing messages,” according to AVG. Users can make the messages they send and receive to disappear “after a certain period of time.”

It comes for free, too (Linux, macOS, Windows; Android, iOS).

Conclusion

White FBI 149 police Chevrolet Tahoe SUV parked outside FBI headquarters in Washington
White FBI 149 police Chevrolet Tahoe SUV parked outside FBI headquarters in Washington

Investigating crimes is part of the job of law enforcement, and nowadays mobile apps are used in crime operations and illegal transactions.

As companies are compelled by the law to cooperate, for example, with the FBI, by giving access to supposedly private information, they should become more transparent with it. They should update their privacy statements and make them clearer and easier to understand for their clients.

It's now up to users to read carefully the privacy statement of these messaging apps to know how much of their privacy is at stake.

Share: Twitter | Facebook | Linkedin

About The Authors

Daisy-Mae Schmitt

Daisy-Mae Schmitt - Daisy-Mae is obsessed with inventing new ways to create awesome content that's absurdly useful and successful, with over ten years of editorial and inbound marketing experience. She also serves as a reporter, strategist, interviewer, mentor, and therapist for in-house contributors and clients.

Recent Articles

No articles found.